
Misc crypto & UI patches

* Fix endian defaults when no VNC pixel format message is set
 * Add more trace events for VNC messages
 * Fix checking of certificate loading
 * Eliminate cert limit on loading CA certificates
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmh+GhkACgkQvobrtBUQ
 T995OBAAiET1Av3xoF9aAVO5Visy/yvDaSOkP4bDDr1KkpaDrqLpBhAoqIEdxU1O
 c+SUwltp0dYe7RcYIWg9b5dTpJdWyYDo5LvPQBbwxbhOXMPFbGsMJMc0BaO3KPVV
 dlfXHUyHZ1bLVE5mnM/5poZzhN7CE4qHGw35jr08VF7iPHrEEp+5OgxFddzi5vQq
 Rt+PlWA2CT/U5AoQe3Pgc0sRoS4VWV35xhdDWRgNR52CGzdNR76GneXy1ByJ6CWd
 mlbFkXE6Abnp/TN/IT3sefH099Mc23adxPZ3WJ0aDEWG6jLnlcrvxmag0HNNJmm/
 R+PRB5OkClYA1kntYbLqOZyNHkcWTGtCTIq7293N0hXTWzQw96Py+pDVMeoktqqO
 yuhdykCmOETWbudbpdCpcQyEpu4TQdFDPPoHVh4H2XbJmgIkuU+MMoBaaN+OBphk
 40H/mvGPkrY1Gb/jvDpbg74tqzH/gmTfuZJ+b1CMku9T11ElVPdu2bCUgOTgnPfC
 b7wvyH31qtbel3OA1zzJ69Lh0wCEVYiOoMT+O49PMndlDn/d6ssi2T/6SjdDKUSd
 JyVqhjG6xKr3Mogp/HVVpAEVHncztVDBOPYJA69OG/hjfE63NtcTsbWUhwO0kYr3
 R8qtdq/IYYOPAzGjCzNsApJusrymhVRF/ZSQCnbO15RdERBMF5Y=
 =sxKq
 -----END PGP SIGNATURE-----

Merge tag 'misc-next-pull-request' of https://gitlab.com/berrange/qemu into staging

Misc crypto & UI patches

* Fix endian defaults when no VNC pixel format message is set
* Add more trace events for VNC messages
* Fix checking of certificate loading
* Eliminate cert limit on loading CA certificates

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmh+GhkACgkQvobrtBUQ
# T995OBAAiET1Av3xoF9aAVO5Visy/yvDaSOkP4bDDr1KkpaDrqLpBhAoqIEdxU1O
# c+SUwltp0dYe7RcYIWg9b5dTpJdWyYDo5LvPQBbwxbhOXMPFbGsMJMc0BaO3KPVV
# dlfXHUyHZ1bLVE5mnM/5poZzhN7CE4qHGw35jr08VF7iPHrEEp+5OgxFddzi5vQq
# Rt+PlWA2CT/U5AoQe3Pgc0sRoS4VWV35xhdDWRgNR52CGzdNR76GneXy1ByJ6CWd
# mlbFkXE6Abnp/TN/IT3sefH099Mc23adxPZ3WJ0aDEWG6jLnlcrvxmag0HNNJmm/
# R+PRB5OkClYA1kntYbLqOZyNHkcWTGtCTIq7293N0hXTWzQw96Py+pDVMeoktqqO
# yuhdykCmOETWbudbpdCpcQyEpu4TQdFDPPoHVh4H2XbJmgIkuU+MMoBaaN+OBphk
# 40H/mvGPkrY1Gb/jvDpbg74tqzH/gmTfuZJ+b1CMku9T11ElVPdu2bCUgOTgnPfC
# b7wvyH31qtbel3OA1zzJ69Lh0wCEVYiOoMT+O49PMndlDn/d6ssi2T/6SjdDKUSd
# JyVqhjG6xKr3Mogp/HVVpAEVHncztVDBOPYJA69OG/hjfE63NtcTsbWUhwO0kYr3
# R8qtdq/IYYOPAzGjCzNsApJusrymhVRF/ZSQCnbO15RdERBMF5Y=
# =sxKq
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 21 Jul 2025 06:44:41 EDT
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* tag 'misc-next-pull-request' of https://gitlab.com/berrange/qemu:
  crypto: load all certificates in X509 CA file
  crypto/x509-utils: Check for error from gnutls_x509_crt_init()
  ui: add trace events for all client messages
  ui: fix setting client_endian field defaults

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
tracing
Stefan Hajnoczi 8 months ago
parent
commit
b4f0b382fe
  1. 23
      crypto/tlscredsx509.c
  2. 6
      crypto/x509-utils.c
  3. 14
      ui/trace-events
  4. 53
      ui/vnc.c

23
crypto/tlscredsx509.c

@ -426,9 +426,8 @@ qcrypto_tls_creds_load_cert(QCryptoTLSCredsX509 *creds,
static int
qcrypto_tls_creds_load_ca_cert_list(QCryptoTLSCredsX509 *creds,
const char *certFile,
gnutls_x509_crt_t *certs,
unsigned int certMax,
size_t *ncerts,
gnutls_x509_crt_t **certs,
unsigned int *ncerts,
Error **errp)
{
gnutls_datum_t data;
@ -449,20 +448,18 @@ qcrypto_tls_creds_load_ca_cert_list(QCryptoTLSCredsX509 *creds,
data.data = (unsigned char *)buf;
data.size = strlen(buf);
if (gnutls_x509_crt_list_import(certs, &certMax, &data,
GNUTLS_X509_FMT_PEM, 0) < 0) {
if (gnutls_x509_crt_list_import2(certs, ncerts, &data,
GNUTLS_X509_FMT_PEM, 0) < 0) {
error_setg(errp,
"Unable to import CA certificate list %s",
certFile);
return -1;
}
*ncerts = certMax;
return 0;
}
#define MAX_CERTS 16
static int
qcrypto_tls_creds_x509_sanity_check(QCryptoTLSCredsX509 *creds,
bool isServer,
@ -471,12 +468,11 @@ qcrypto_tls_creds_x509_sanity_check(QCryptoTLSCredsX509 *creds,
Error **errp)
{
gnutls_x509_crt_t cert = NULL;
gnutls_x509_crt_t cacerts[MAX_CERTS];
size_t ncacerts = 0;
gnutls_x509_crt_t *cacerts = NULL;
unsigned int ncacerts = 0;
size_t i;
int ret = -1;
memset(cacerts, 0, sizeof(cacerts));
if (certFile &&
access(certFile, R_OK) == 0) {
cert = qcrypto_tls_creds_load_cert(creds,
@ -488,8 +484,9 @@ qcrypto_tls_creds_x509_sanity_check(QCryptoTLSCredsX509 *creds,
}
if (access(cacertFile, R_OK) == 0) {
if (qcrypto_tls_creds_load_ca_cert_list(creds,
cacertFile, cacerts,
MAX_CERTS, &ncacerts,
cacertFile,
&cacerts,
&ncacerts,
errp) < 0) {
goto cleanup;
}
@ -526,6 +523,8 @@ qcrypto_tls_creds_x509_sanity_check(QCryptoTLSCredsX509 *creds,
for (i = 0; i < ncacerts; i++) {
gnutls_x509_crt_deinit(cacerts[i]);
}
g_free(cacerts);
return ret;
}
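Review bot: `g_free(cacerts)` in the cleanup path of qcrypto_tls_creds_x509_sanity_check frees an array that is now allocated inside `gnutls_x509_crt_list_import2()` rather than by GLib. The GnuTLS documentation for that call says to deinitialise each certificate and then release the list with `gnutls_free()`, and the two allocators only coincide while both libraries sit on the system malloc. I would change the line to `gnutls_free(cacerts);`. I would also add a comment above qcrypto_tls_creds_load_ca_cert_list stating that on success the caller owns `*certs`, must call `gnutls_x509_crt_deinit()` on each of the `*ncerts` entries and must then free the array. The array length is now set by the contents of the CA file rather than by a fixed cap, so the ownership rule is worth stating where the pointer is handed out.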

6
crypto/x509-utils.c

@ -46,7 +46,11 @@ int qcrypto_get_x509_cert_fingerprint(uint8_t *cert, size_t size,
return -1;
}
gnutls_x509_crt_init(&crt);
if (gnutls_x509_crt_init(&crt) < 0) {
error_setg(errp, "Unable to initialize certificate: %s",
gnutls_strerror(ret));
return -1;
}
if (gnutls_x509_crt_import(crt, &datum, GNUTLS_X509_FMT_PEM) != 0) {
error_setg(errp, "Failed to import certificate");
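Review bot: The new error path passes `ret` to `gnutls_strerror()`, but the result of `gnutls_x509_crt_init(&crt)` is only compared against zero and never stored. The message will therefore describe whatever `ret` held before this point, not the initialisation failure. `ret` is declared outside the hunk, so its value here is inferred; it may still be its initial value. Capturing the code first fixes this: `ret = gnutls_x509_crt_init(&crt);` followed by `if (ret < 0) {`. The function body continues past the end of the hunk.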

14
ui/trace-events

@ -48,13 +48,27 @@ vnc_msg_server_ext_desktop_resize(void *state, void *ioc, int width, int height,
vnc_msg_client_audio_enable(void *state, void *ioc) "VNC client msg audio enable state=%p ioc=%p"
vnc_msg_client_audio_disable(void *state, void *ioc) "VNC client msg audio disable state=%p ioc=%p"
vnc_msg_client_audio_format(void *state, void *ioc, int fmt, int channels, int freq) "VNC client msg audio format state=%p ioc=%p fmt=%d channels=%d freq=%d"
vnc_msg_client_cut_text(void *state, void *ioc, int len) "VNC client msg cut text state=%p ioc=%p len=%u"
vnc_msg_client_cut_text_ext(void *state, void *ioc, int len, int flags) "VNC client msg cut text state=%p ioc=%p len=%u flags=%u"
vnc_msg_client_ext_key_event(void *state, void *ioc, int down, int sym, int keycode) "VNC client msg ext key event state=%p ioc=%p down=%u sym=%u keycode=%u"
vnc_msg_client_framebuffer_update_request(void *state, void *ioc, int incremental, int x, int y, int w, int h) "VNC client msg framebuffer update request state=%p ioc=%p incremental=%u x=%u y=%u w=%u h=%u"
vnc_msg_client_key_event(void *state, void *ioc, int down, int sym) "VNC client msg key event state=%p ioc=%p down=%u sym=%u"
vnc_msg_client_pointer_event(void *state, void *ioc, int button_mask, int x, int y) "VNC client msg pointer event state=%p ioc=%p button_mask=%u x=%u y=%u"
vnc_msg_client_set_desktop_size(void *state, void *ioc, int width, int height, int screens) "VNC client msg set desktop size state=%p ioc=%p size=%dx%d screens=%d"
vnc_msg_client_set_encodings(void *state, void *ioc, int limit) "VNC client msg set encodings state=%p ioc=%p limit=%u"
vnc_msg_client_set_pixel_format(void *state, void *ioc, int bpp, int big_endian, int true_color) "VNC client msg set pixel format state=%p ioc=%p bpp=%u big_endian=%u true_color=%u"
vnc_msg_client_set_pixel_format_rgb(void *state, void *ioc, int red_max, int green_max, int blue_max, int red_shift, int green_shift, int blue_shift) "VNC client msg set pixel format RGB state=%p ioc=%p red_max=%u green_max=%u blue_max=%u red_shift=%u green_shift=%u blue_shift=%u"
vnc_msg_client_xvp(void *state, void *ioc, int version, int action) "VNC client msg XVP state=%p ioc=%p version=%u action=%u"
vnc_client_eof(void *state, void *ioc) "VNC client EOF state=%p ioc=%p"
vnc_client_io_error(void *state, void *ioc, const char *msg) "VNC client I/O error state=%p ioc=%p errmsg=%s"
vnc_client_connect(void *state, void *ioc) "VNC client connect state=%p ioc=%p"
vnc_client_disconnect_start(void *state, void *ioc) "VNC client disconnect start state=%p ioc=%p"
vnc_client_disconnect_finish(void *state, void *ioc) "VNC client disconnect finish state=%p ioc=%p"
vnc_client_io_wrap(void *state, void *ioc, const char *type) "VNC client I/O wrap state=%p ioc=%p type=%s"
vnc_client_pixel_format(void *state, void *ioc, int bpp, int depth, int endian) "VNC client pixel format state=%p ioc=%p bpp=%u depth=%u endian=%u"
vnc_client_pixel_format_red(void *state, void *ioc, int max, int bits, int shift, int mask) "VNC client pixel format red state=%p ioc=%p max=%u bits=%u shift=%u mask=%u"
vnc_client_pixel_format_green(void *state, void *ioc, int max, int bits, int shift, int mask) "VNC client pixel format green state=%p ioc=%p max=%u bits=%u shift=%u mask=%u"
vnc_client_pixel_format_blue(void *state, void *ioc, int max, int bits, int shift, int mask) "VNC client pixel format blue state=%p ioc=%p max=%u bits=%u shift=%u mask=%u"
vnc_client_throttle_threshold(void *state, void *ioc, size_t oldoffset, size_t offset, int client_width, int client_height, int bytes_per_pixel, void *audio_cap) "VNC client throttle threshold state=%p ioc=%p oldoffset=%zu newoffset=%zu width=%d height=%d bpp=%d audio=%p"
vnc_client_throttle_incremental(void *state, void *ioc, int job_update, size_t offset) "VNC client throttle incremental state=%p ioc=%p job-update=%d offset=%zu"
vnc_client_throttle_forced(void *state, void *ioc, int job_update, size_t offset) "VNC client throttle forced state=%p ioc=%p job-update=%d offset=%zu"
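Review bot: `vnc_msg_client_key_event` and `vnc_msg_client_ext_key_event` record the keysym and keycode of every key the client sends, so a trace log with these events enabled contains everything typed into the guest console, passwords included. Nothing in the file marks these events as more sensitive than the neighbouring connect and throttle events. I would add a comment above them, for example `# key events log client keysyms/keycodes: treat trace output as sensitive when enabled`. Operators who turn on `vnc_*` wholesale for debugging would then know to restrict access to the resulting log and how long it is kept.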

53
ui/vnc.c

@ -2309,6 +2309,25 @@ static void set_pixel_format(VncState *vs, int bits_per_pixel,
vs->client_pf.bytes_per_pixel = bits_per_pixel / 8;
vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel;
vs->client_endian = big_endian_flag ? G_BIG_ENDIAN : G_LITTLE_ENDIAN;
trace_vnc_client_pixel_format(vs, vs->ioc,
vs->client_pf.bits_per_pixel,
vs->client_pf.depth,
vs->client_endian);
trace_vnc_client_pixel_format_red(vs, vs->ioc,
vs->client_pf.rmax,
vs->client_pf.rbits,
vs->client_pf.rshift,
vs->client_pf.rmask);
trace_vnc_client_pixel_format_green(vs, vs->ioc,
vs->client_pf.gmax,
vs->client_pf.gbits,
vs->client_pf.gshift,
vs->client_pf.gmask);
trace_vnc_client_pixel_format_blue(vs, vs->ioc,
vs->client_pf.bmax,
vs->client_pf.bbits,
vs->client_pf.bshift,
vs->client_pf.bmask);
if (!true_color_flag) {
send_color_map(vs);
@ -2324,6 +2343,7 @@ static void pixel_format_message (VncState *vs) {
char pad[3] = { 0, 0, 0 };
vs->client_pf = qemu_default_pixelformat(32);
vs->client_endian = G_BYTE_ORDER;
vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */
vnc_write_u8(vs, vs->client_pf.depth); /* depth */
@ -2382,6 +2402,17 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
if (len == 1)
return 20;
trace_vnc_msg_client_set_pixel_format(vs, vs->ioc,
read_u8(data, 4),
read_u8(data, 6),
read_u8(data, 7));
trace_vnc_msg_client_set_pixel_format_rgb(vs, vs->ioc,
read_u16(data, 8),
read_u16(data, 10),
read_u16(data, 12),
read_u8(data, 14),
read_u8(data, 15),
read_u8(data, 16));
set_pixel_format(vs, read_u8(data, 4),
read_u8(data, 6), read_u8(data, 7),
read_u16(data, 8), read_u16(data, 10),
@ -2404,12 +2435,19 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
memcpy(data + 4 + (i * 4), &val, sizeof(val));
}
trace_vnc_msg_client_set_encodings(vs, vs->ioc, limit);
set_encodings(vs, (int32_t *)(data + 4), limit);
break;
case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST:
if (len == 1)
return 10;
trace_vnc_msg_client_framebuffer_update_request(vs, vs->ioc,
read_u8(data, 1),
read_u16(data, 2),
read_u16(data, 4),
read_u16(data, 6),
read_u16(data, 8));
framebuffer_update_request(vs,
read_u8(data, 1), read_u16(data, 2), read_u16(data, 4),
read_u16(data, 6), read_u16(data, 8));
@ -2418,12 +2456,19 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
if (len == 1)
return 8;
trace_vnc_msg_client_key_event(vs, vs->ioc,
read_u8(data, 1),
read_u32(data, 4));
key_event(vs, read_u8(data, 1), read_u32(data, 4));
break;
case VNC_MSG_CLIENT_POINTER_EVENT:
if (len == 1)
return 6;
trace_vnc_msg_client_pointer_event(vs, vs->ioc,
read_u8(data, 1),
read_u16(data, 2),
read_u16(data, 4));
pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4));
break;
case VNC_MSG_CLIENT_CUT_TEXT:
@ -2455,9 +2500,12 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
vnc_client_error(vs);
break;
}
trace_vnc_msg_client_cut_text_ext(vs, vs->ioc,
dlen, read_u32(data, 8));
vnc_client_cut_text_ext(vs, dlen, read_u32(data, 8), data + 12);
break;
}
trace_vnc_msg_client_cut_text(vs, vs->ioc, read_u32(data, 4));
vnc_client_cut_text(vs, read_u32(data, 4), data + 8);
break;
case VNC_MSG_CLIENT_XVP:
@ -2472,6 +2520,7 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
if (len == 4) {
uint8_t version = read_u8(data, 2);
uint8_t action = read_u8(data, 3);
trace_vnc_msg_client_xvp(vs, vs->ioc, version, action);
if (version != 1) {
error_report("vnc: xvp client message version %d != 1",
@ -2505,6 +2554,10 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
if (len == 2)
return 12;
trace_vnc_msg_client_ext_key_event(vs, vs->ioc,
read_u16(data, 2),
read_u32(data, 4),
read_u32(data, 8));
ext_key_event(vs, read_u16(data, 2),
read_u32(data, 4), read_u32(data, 8));
break;
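Review bot: Most of the new trace calls in protocol_client_msg repeat the `read_u8`/`read_u16`/`read_u32(data, offset)` expressions that the handler call directly below them also uses, so each message's field offsets now live in two places and can drift apart. The XVP case already decodes `version` and `action` into locals and passes those to `trace_vnc_msg_client_xvp`. Doing the same elsewhere would guarantee that the trace shows exactly what the handler receives, e.g. `uint8_t down = read_u8(data, 1);` and `uint32_t sym = read_u32(data, 4);` before `trace_vnc_msg_client_key_event(vs, vs->ioc, down, sym);` and `key_event(vs, down, sym);`. This applies equally to the set-pixel-format, framebuffer-update-request, pointer, cut-text and ext-key cases. The switch starts and ends outside the visible hunks.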
